This fix tries to fix logrus formatting by removing `f` from
`logrus.[Error|Warn|Debug|Fatal|Panic|Info]f` when formatting string
is not present.
Fixed issue #23459
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: fa710e504b0e3e51d4031790c18621b02dcd2600
Component: engine
When converting an opaque directory always keep the original
directory tar entry to ensure directory is created with correct
permissions on restore.
Closes#27298
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: daa70195171d798cdfb6c4033b33a06a8f7ebe6c
Component: engine
When daemon fails to load an authz plugin, it should be removed from
the plugin list. Else the plugin is retried on every request and
response, resulting in undesired behavior (eg. daemon panic)
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Upstream-commit: fae904af02a184833d2cd5ce9fdd61a4083707c7
Component: engine
containers may specify these cgroup values at runtime. This will allow
processes to change their priority to real-time within the container
when CONFIG_RT_GROUP_SCHED is enabled in the kernel. See #22380.
Also added sanity checks for the new --cpu-rt-runtime and --cpu-rt-period
flags to ensure that that the kernel supports these features and that
runtime is not greater than period.
Daemon will support a --cpu-rt-runtime flag to initialize the parent
cgroup on startup, this prevents the administrator from alotting runtime
to docker after each restart.
There are additional checks that could be added but maybe too far? Check
parent cgroups to ensure values are <= parent, inspecting rtprio ulimit
and issuing a warning.
Signed-off-by: Erik St. Martin <alakriti@gmail.com>
Upstream-commit: 56f77d5ade945b3b8816a6c8acb328b7c6dce9a7
Component: engine
The `archive` package defines aliases for `io.ReadCloser` and
`io.Reader`. These don't seem to provide an benefit other than type
decoration. Per this change, several unnecessary type cases were
removed.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: aa2cc18745cbe0231c33782f0fa764f657e3fb88
Component: engine
If parent of the destination path is shared, this
path will be unmounted from the parent ns even if
the path itself is private.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: b511d1f0cabd32ca30c87fa1bbc7ecac283dab39
Component: engine
Currently the plugins pkg allows a single handler. This assumption
breaks down if there are mutiple listeners to a plugin of a certain
Manifest such as NetworkDriver or IpamDriver when swarm-mode is enabled.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 5e9c78aeaf1d88000921190b88a1d91d6261208c
Component: engine
It was racy on config reload
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: a616cf3b88ee264b9a565dc0c25e583444ba64e2
Component: engine
This performs a similar check to the `"ConEmuANSI"` check that was recently
added to enable arrow keys navigation in docker container terminals.
Signed-off-by: Josh Wilson <josh.wilson@fivestars.com>
Upstream-commit: c0a5772668c5a2cb6d17a6b5907fc3eb08d18cc7
Component: engine
plugingetter is indepedent of docker/docker packages, so it can be
moved to pkg. This is also necessary for authorization plugins (part of
pkg) to use pluginv2. The original path at plugin/getter will be
eventually removed, when external repos (eg. libnetwork) update their
import paths.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Upstream-commit: d599d53db27f4a24b18f51464c39707eae383c7e
Component: engine
Fixes#26823
Fixes an issue where apparmor was not loaded into the kernel, because
apparmor_parser was being called incorrectly.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: 1a702111c61076e14f0e7ae688d0102128233daf
Component: engine
To use a deferred func to overwrite the returned error requires using
the 'named' error. So reuse err, instead of pipelineError. Also, the old
pipelineError will never be nil, since its executed before the error can
be set.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Upstream-commit: af2e2562494a11ee8e6ede58a29cc250935e74c4
Component: engine
As part of making graphdrivers support pluginv2, a PluginGetter
interface was necessary for cleaner separation and avoiding import
cycles.
This commit creates a PluginGetter interface and makes pluginStore
implement it. Then the pluginStore object is created in the daemon
(rather than by the plugin manager) and passed to plugin init as
well as to the different subsystems (eg. graphdrivers, volumedrivers).
A side effect of this change was that some code was moved out of
experimental. This is good, since plugin support will be stable soon.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Upstream-commit: fefea805e930a67fb6327f8e59415932861358cb
Component: engine
